| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. |
| IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere processing. |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. |
| IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin. |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
| Buffer overflow in AIX rcp command allows local users to obtain root access. |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |